Yash

😭😂

imagine james potter being racist

why does it feel like AI generated

It's all okay, it would be Were you not now halfway down

If this continues, everyone’s going to have their own app and zero users

the delvepstein list

Damning evidence suggesting that compliance certificates issued by Delve (a startup founded in 2023) are fraudlent + worthless I never understood how eg Cluely could be GDPR, SOC2, HIPAA compliant in ~a week. Now we know: they probably aren't. Just wild substack.com/home/post/p-19…

Delve, a YC-backed compliance startup that raised $32 million, has been accused of systematically faking SOC 2, ISO 27001, HIPAA, and GDPR compliance reports for hundreds of clients. According to a detailed Substack investigation by DeepDelver, a leaked Google spreadsheet containing links to hundreds of confidential draft audit reports revealed that Delve generates auditor conclusions before any auditor reviews evidence, uses the same template across 99.8% of reports, and relies on Indian certification mills operating through empty US shells instead of the "US-based CPA firms" they advertise. Here's the breakdown: > 493 out of 494 leaked SOC 2 reports allegedly contain identical boilerplate text, including the same grammatical errors and nonsensical sentences, with only a company name, logo, org chart, and signature swapped in > Auditor conclusions and test procedures are reportedly pre-written in draft reports before clients even provide their company description, which would violate AICPA independence rules requiring auditors to independently design tests and form conclusions > All 259 Type II reports claim zero security incidents, zero personnel changes, zero customer terminations, and zero cyber incidents during the observation period, with identical "unable to test" conclusions across every client > Delve's "US-based auditors" are actually Accorp and Gradient, described as Indian certification mills operating through US shell entities. 99%+ of clients reportedly went through one of these two firms over the past 6 months > The platform allegedly publishes fully populated trust pages claiming vulnerability scanning, pentesting, and data recovery simulations before any compliance work has been done > Delve pre-fabricates board meeting minutes, risk assessments, security incident simulations, and employee evidence that clients can adopt with a single click, according to the author > Most "integrations" are just containers for manual screenshots with no actual API connections. The author describes the platform as a "SOC 2 template pack with a thin SaaS wrapper" > When the leak was exposed, CEO Karun Kaushik emailed clients calling the allegations "falsified claims" from an "AI-generated email" and stated no sensitive data was accessed, while the reports themselves contained private signatures and confidential architecture diagrams > Companies relying on these reports could face criminal liability under HIPAA and fines up to 4% of global revenue under GDPR for compliance violations they believed were resolved > When clients threaten to leave, Delve reportedly pairs them with an external vCISO for manual off-platform work, which the author argues proves their own platform can't deliver real compliance > Delve's sales price dropped from $15,000 to $6,000 with ISO 27001 and a penetration test thrown in when a client mentioned considering a competitor

was never able to wrap my head around compliance as a checklist

Rippling is going to be one of the main companies where AI meets organizations. They're still young enough to embrace AI thoroughly, but they're also big enough that they touch organizations in many places.

For years, @parkerconrad has been making the case that the real unlock in business software is the underlying employee data model. That’s why this launch matters: Rippling’s AI isn’t a thin wrapper on top of disconnected tools, it’s built on the system of record for the workforce. The customer posts are worth reading.

I've been playing with the new @Rippling AI, and it's changing how our team works. We used it to look through our employee policy docs to help make decisions and have informed conversations, saving us hours of manually digging through policies. Awesome AI tool!

@parkerconrad This is big time. Rippling is about to eat Workday's lunch

It's been truly awesome seeing Parker execute since day one; the relentless focus on delivering value doesn't stop in the Age of Intelligence, rather it means building products that are actually helping your people save time and money.

Rippling AI is changing the game: Less manual work More intelligent workflows Faster decisions The real win? Teams get to focus on what actually matters. @Rippling

@Rippling 's new Rippling AI is honestly scary good for company planning as they go more horizontal... plus shocked at how fast the team iterated on feedback I gave a few days ago. We're taking notes at Kestral on doing this for product teams... props to them.

Been playing with @Rippling AI this week. Typed in: "I'm trying to plan an offsite for the team sometime in 2026. Suggest windows of times when the least amount of vacations are taken (based on historic data) and are spaced outside of national holidays and school holidays in the Bay Area." Got a bunch of windows, instantly, from live data. Software in the AI era is great!

Rippling launched its AI analyst today. I'm not just the CEO - I'm also the Rippling admin for our co, and I run payroll for our ~ 5K global employees. Here are 5 specific ways Rippling AI has changed my job, and why I believe this is the future of G&A software. 🧵 1/n

completed my entire sales training while streaming all the resource videos at 2x, now my prospects can’t understand a thing I say